News

The latest releases of Fisheye 2 (source code repository browser) and Crucible 2 (code review) from Atlassian offer a completely revamped UI, one that allows developers to follow the team (a kind of social networking) as well as follow the work. Crucible 2 also supports the idea of "iterative code review."

Jaibeer Malik has posted an introduction of how to address and introduce code quality within a team. His series of posts may suite you if you are in a situation where you have to either learn more yourself or introduce these ideas to others. The series provides a brief overview of the topic and gives pointers in different directions of where to go to study more.

The current Ruby 1.9.1 doesn't have the required features to allow ParseTree's runtime features to work - which means some libraries that depend on those features won't work. Examples are Merb's action arguments or heckle. We take a look at the state of ParseTree - and how ruby_parser is a possible way out.

In this RubyFringe talk, Reginald Braithwaite shows how to write Ruby that reads, writes, and rewrites Ruby. The demos include extending the Ruby language with conditional expressions, new forms of evaluation such as call-by-name and call-by-need, and more.

In this interview from RubyFringe, Yehuda Katz talks about the design principles behind Merb and its focus on a stable API. Yehuda also mentions Yard, an RDoc replacement, which provides a simple way to define contracts for Ruby methods.

Static code analysis, long neglected on the Windows platform, has been becoming more and more import in the last few years. This hasn't gone unnoticed by database developers, who thanks to Ubitsoft can now analyze T-SQL just like .NET developers analyze managed code.

Microsoft has released a new version of FxCop, the popular static code analyzer and policy enforcement utility. This release fixes numerous bugs and adds support .NET Framework 3.5 language features. This release updates FxCop to have the same engine enhancements provided to VSTS Code Analysis in VS 2008 SP1.

Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis can uncover the kinds of errors that lead directly to vulnerabilities and in this talk, Brian Chess frames the software security problem and shows how static analysis is part of the solution.

Earlier this year Klocwork released a desktop product, Klocwork Insight, bringing their automated source code analysis features to individual developers. InfoQ recently sat down with Klocwork CTO Gwyn Fisher to discuss the product.

Microsoft has created FxCop rules for projects leveraging the extensibility framework System.AddIn. This joins the out-of-band project Pipeline Builder as a must-have for developers using this .NET 3.5 framework.

Any tool is only good if it is in the hands of a developer who knows how to use it. NDepend is one of those tools which is very powerful but addresses an aspect of software development too few architects or developers understand, software metrics.

Quest Software recently released JProbe 8.0, a Java code, memory, and coverage profiler. While JProbe has been one of the leading Java profiling tools since the late 1990's, JProbe 8.0 aims to help Quest regain the leadership position in the profiling market with new Eclipse integration and a more competitive price point.

Is today’s mainstream use of flat files the optimal way to represent code? Several discussions occurred in the blogspace in reaction to Rick Minerich’s post advocating for moving away from this paradigm towards keeping code in queryable data structures. What are the advantages of this approach and what are the trade-offs to take into consideration?

InfoQ informed the community about the free EQATEC code profiler for the .NET Compact Framework a month ago. In the meantime, the profiler has been well received by the community, and EQATEC released version 1.2 with new features and bug fixes.